Re: [Uta] wrt draft-ietf-uta-email-tls-certs

Alexey Melnikov <alexey.melnikov@isode.com> Fri, 05 February 2016 10:49 UTC

To: =JeffH <Jeff.Hodges@KingsMountain.com>, draft-ietf-uta-email-tls-certs@ietf.org
References: <56AFFE3B.4010505@KingsMountain.com>
From: Alexey Melnikov <alexey.melnikov@isode.com>
Message-ID: <56B47E1E.1050501@isode.com>
Date: Fri, 05 Feb 2016 10:49:02 +0000
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0
In-Reply-To: <56AFFE3B.4010505@KingsMountain.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/uta/ht5E0_m5RnOF7kZSf1yXpeYh7aU>
Cc: uta@ietf.org, uta-chairs@ietf.org, IETF Discussion List <ietf@ietf.org>
Subject: Re: [Uta] wrt draft-ietf-uta-email-tls-certs

Hi Jeff,

On 02/02/2016 00:54, =JeffH wrote:
> Hi Alexey,
> 
> I was taking a look at draft-ietf-uta-email-tls-certs and noted that
> it says this in Section 3..
> 
>    [...]
>                                        Matching is performed according
>    to the rules specified in Section 6 of [RFC6125], including the
>    relative order of matching of different identifier types,
>    "certificate pinning" and the procedure on failure to match.  The
>    following inputs are used by the verification procedure used in
>    [RFC6125]:
> 
>    [...]
> 
>    The rules and guidelines defined in [RFC6125] apply to an email
>    server certificate, with the following supplemental rules:
> 
>    [...various supplemental rules to add to those defined in RFC6125.. ]
> 
> 
> ..thus I am curious as to why draft-ietf-uta-email-tls-certs does not
> officially update RFC6125 -- should it not (in addition to updating four
> other RFCs as it notes) ?

"Supplemental rules" are inputs to the RFC 6125 procedure (such as use of
wildcards, use of CN-ID, etc.). I don't think the document updates RFC
6125. If you think something better than "supplemental rules" should be
used in this context, please let me know.

Best Regards,
Alexey
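
An added illustration of the point Alexey makes above, not code from the draft, from RFC 6125 or from either participant: a toy version of the RFC 6125 Section 6 matching procedure in which the things the draft calls "supplemental rules" (whether wildcards are accepted, whether CN-ID may be used as a fallback, which reference identifier types the client constructs, the pin store) are parameters of the procedure rather than edits to it. The certificate data model, the policy field names, the `verify_identity` function and the sample identifiers (`_imaps.example.net`, `*.example.net`, `sieve://sieve.example.net`) are assumptions made for the example; a real client would take the presented identifiers from the parsed certificate.

```python
"""Toy RFC 6125 Section 6 reference-identity matcher (added example).

The application profile's choices (wildcards, CN-ID fallback, pinning,
which identifier types are constructed) are passed in as inputs; the
procedure itself is unchanged.  Data model and names are assumptions.
"""
from dataclasses import dataclass, field
from typing import Optional
from urllib.parse import urlsplit


@dataclass
class PresentedIdentifiers:
    """Identifiers extracted from a server certificate (simplified model)."""
    dns_ids: list = field(default_factory=list)   # subjectAltName dNSName
    srv_ids: list = field(default_factory=list)   # subjectAltName SRVName, e.g. "_imaps.example.net"
    uri_ids: list = field(default_factory=list)   # subjectAltName uniformResourceIdentifier
    cn_id: Optional[str] = None                   # Subject CN, legacy fallback only


@dataclass
class MatchPolicy:
    """Inputs to the procedure; an application profile sets these knobs."""
    allow_wildcards: bool = True
    allow_cn_id_fallback: bool = True
    pinned_fingerprints: set = field(default_factory=set)


def _labels(name: str) -> list:
    return name.lower().rstrip(".").split(".")


def dns_id_matches(presented: str, reference: str, allow_wildcards: bool) -> bool:
    """Case-insensitive label comparison.  A wildcard is accepted only as
    the whole left-most label of the presented identifier, it never spans
    more than one label, and it is not matched against an IDN A-label
    (xn--) in the reference identifier (RFC 6125 Section 6.4.3 style)."""
    p, r = _labels(presented), _labels(reference)
    if p == r:
        return True
    if not allow_wildcards or len(p) != len(r) or p[0] != "*":
        return False
    if r[0].startswith("xn--"):
        return False
    return p[1:] == r[1:]


def srv_id_matches(presented: str, reference: str) -> bool:
    """SRV-ID is "_service.domain": service compared case-insensitively,
    domain compared as a DNS-ID with wildcards disallowed."""
    try:
        p_service, p_domain = presented.split(".", 1)
        r_service, r_domain = reference.split(".", 1)
    except ValueError:
        return False
    return (p_service.lower() == r_service.lower()
            and dns_id_matches(p_domain, r_domain, allow_wildcards=False))


def uri_id_matches(presented: str, reference: str) -> bool:
    """URI-ID: scheme must match case-insensitively, host compared as a
    DNS-ID with wildcards disallowed."""
    p, r = urlsplit(presented), urlsplit(reference)
    if not p.hostname or not r.hostname:
        return False
    return (p.scheme.lower() == r.scheme.lower()
            and dns_id_matches(p.hostname, r.hostname, allow_wildcards=False))


def verify_identity(presented, reference_ids, policy, fingerprint=None):
    """Run the matching procedure.

    reference_ids: (type, value) pairs the client constructed before
    connecting, in the order it wants them tried, e.g.
    [("SRV-ID", "_imaps.example.net"), ("DNS-ID", "imap.example.net")].
    Returns (accepted, reason).  On failure the caller must not treat the
    session as authenticated; the only escape hatch is an explicit user
    decision, which is what then feeds the pin store.
    """
    # Pinning shortcut: a certificate already accepted for these reference
    # identifiers is accepted again without re-matching names.
    if fingerprint is not None and fingerprint in policy.pinned_fingerprints:
        return True, "pinned certificate"

    # subjectAltName-based identifier types are consulted first.
    has_san_ids = bool(presented.dns_ids or presented.srv_ids or presented.uri_ids)
    for kind, ref in reference_ids:
        if kind == "SRV-ID" and any(srv_id_matches(p, ref) for p in presented.srv_ids):
            return True, f"SRV-ID {ref}"
        if kind == "URI-ID" and any(uri_id_matches(p, ref) for p in presented.uri_ids):
            return True, f"URI-ID {ref}"
        if kind == "DNS-ID" and any(
                dns_id_matches(p, ref, policy.allow_wildcards) for p in presented.dns_ids):
            return True, f"DNS-ID {ref}"

    # CN-ID is a fallback only: never consulted when the certificate carries
    # subjectAltName identifiers of a type this client supports.
    if policy.allow_cn_id_fallback and not has_san_ids and presented.cn_id:
        for kind, ref in reference_ids:
            if kind == "DNS-ID" and dns_id_matches(presented.cn_id, ref, policy.allow_wildcards):
                return True, f"CN-ID {ref} (legacy fallback)"

    return False, "no reference identifier matched a presented identifier"


if __name__ == "__main__":
    # Constructed sample: an IMAP client connecting to imap.example.net.
    cert = PresentedIdentifiers(dns_ids=["*.example.net"], srv_ids=["_imaps.example.net"])
    refs = [("SRV-ID", "_imaps.example.net"), ("DNS-ID", "imap.example.net")]
    print(verify_identity(cert, refs, MatchPolicy()))
    print(verify_identity(cert, [("DNS-ID", "imap.example.net")], MatchPolicy(allow_wildcards=False)))
```

Flipping `allow_wildcards` or `allow_cn_id_fallback` changes the outcome without touching `verify_identity`, which is the sense in which a profile's supplemental rules parameterise RFC 6125 rather than update it.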